Common questions about file digests

Common Problems > Common questions about file digests

Temprecord data files can optionally be protected with a file digest.  Here are some of the more common questions people have about digests.

What's the difference between a digest and encryption?

Protecting a file with encryption is the process of making a file such that nobody can tell what the file contains unless they know the key, which is normally a password or passphrase.

Protecting a file with a digest is the process of creating a piece of data based on a file's contents and some user key (which also is normally a password or passphrase) such that nobody can alter the file without destroying the relationship between the digest and the file's data.  It doesn't stop somebody from inspecting the file or even printing it or exporting the data.

Why do I need a passphrase if the file is going to be visible to anyone anyway?

You don't.  If you don't provide a passphrase then Temprecord will use its own one.

Why would I want to provide my own passphrase/key then?

If you specify your own passphrase/key then the digest stored in the file will be based on both the data in the file, and the key you provided when the digest was calculated.  Someone loading the file with Temprecord in another location will only be able to load the file without Temprecord complaining if they also know that passphrase and have supplied it in the "Use this passphrase" option.  This provides an additional layer of security.  They will still be able to view the file however.

Doesn't the digest make the file larger?

Yes, but not by much.  Here's a typical digest:

  32572A8EC0734084E590C6C5055B000E1B263C656B3EFE63E74E80735C65DB00

which is a few percent at most of the total datafile size.

How secure is the file digest?

The digests are calculated using the HMAC (Hash-based Message Authentication Code) algorithm with a SHA256 cryptographic hash function. Provided the passphrase is very secure, the digest is very secure.  The chance of two different files having the same digest is 1 in 115,792,089,237,316,195,423,570,985,008,687,907,853,269,984,665,640,564,039,457,584,007,913,129,639,936.  That is a fairly small chance, by anyone's measure.

If your passphrase is "password", or "1234", the digest is as secure as your bank account contents would be if that was the password for your bank account.  Remember, a good password should be easy to remember, and difficult to guess.

If the recipient of the file doesn't know the passphrase used to create the digest, how will they be able to read the file?

Not knowing the passphrase doesn't stop anybody being able to load the file, and Temprecord will load files that contain digests that don't agree with the key you provide.  It will however provide an indication that the digest doesn't agree the data in the file.

Surely I can just edit the plain text files with a text editor?  That doesn't seem very secure.

Yes you can, but any changes you make will violate the digest.  When the file is loaded by Temprecord next, it will complain that the digest doesn't match.

Are the comments I add to a file also protected by the digest?

Yes.  If you alter the comments and save the file, the digest will be recalculated, and will be different.

Why don't you call them "passwords"?

Because they are more than just "words" - they can contain several words and include spaces and punctuation characters.  Note also that case is significant - Katy Perry, katy perry, KATY PERRY are all considered to be distinct passphrases.

What makes a good passphrase?

A good passphrase is easy to remember, and difficult to guess.  Most of the commonly used successful attacks on sensitive data only work because people use easy-to-guess passphrases - ones like:

•"1234",

•"password",

•the year they were born,

•the name of their cat, etc.

Is the digest algorithm you use secret?

No, it's not secret.  The digests are calculated using the HMAC (Hash-based Message Authentication Code) algorithm with a SHA256 cryptographic hash function.  The only thing that needs to be secret is your key, if you have used one.

OK, then what's to stop somebody tampering with the data in a file, calculating a new digest from the tampered data, and putting that digest in there?

Nothing.  But they couldn't get away with it undetected because the new digest would be different to the one the sender had created, and the passphrase used to create the digest would be different, so the recipient would receive a warning when they opened the file using the digest they had received from the sender.

Aha!  I altered some text in a datafile and Temprecord still loads the file without warning me that the file has been tampered with.

Non-critical information in the header part of the file is not included in the digest calculation.  These are items such as the positions of the start and end samples on the graph, the position of the graph cursor, etc.

Is the passphrase stored in the file?

No (that would be silly).